Cryptology ePrint Archive: Report 2007/382

Oblivious Transfer via McEliece's PKC and Permuted Kernels

K. Kobara and K. Morozov and R. Overbeck

Abstract: We present two efficient protocols for two flavors of oblivious
transfer (OT): the Rabin and 1-out-of-2 OT using the McEliece
cryptosystem and Shamir's zero-knowledge identification scheme based
on permuted kernels. This is a step towards diversifying computational
assumptions on which OT -- the primitive of central importance -- can
be based.

Although we obtain a weak version of Rabin OT (where the malicious
receiver may decrease his erasure probability), it can nevertheless be
reduced to secure 1-out-of-2 OT.

Elaborating on the first protocol, we provide a practical construction
for 1-out-of-2 OT.